package top.surgeqi.security.demo.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.security.RolesAllowed;
import javax.servlet.http.HttpServletRequest;
import java.security.Principal;

/**
 * <p><em>Created by qipp on 2020/6/1 11:11</em></p>
 * 用户账户控制器
 *
 * @author <a href="https://gitee.com/qipengpai">qipp</a>
 * @since 1.0.1
 */
@RestController
public class UserAccountController {


    /**
     * 获取用户认证对象
     * @return java.lang.Object
     * @author qipp
     */
    @GetMapping("/user")
    public Object user4() {
        return SecurityContextHolder.getContext().getAuthentication();
    }

    @Secured("ROLE_SURGE_USER")
    @GetMapping("/user1")
    public Object user1(Principal principal) {
        return principal;
    }

    @PreAuthorize("hasRole('ROLE_SURGE_ADMIN')")
    @GetMapping("/user2")
    public Object user2(Authentication authentication) {
        return authentication;
    }

    @RolesAllowed("ROLE_SURGE_USER")
    @GetMapping("/user3")
    public Object user3(HttpServletRequest request) {
        return request.getUserPrincipal();
    }
}
